OAuth 2.0 Provider

A complete OAuth 2.0 Authorization Server with OpenID Connect support for the blah.dev community.

What is blah OAuth?

blah OAuth lets you add “Sign in with Blah” to your applications. Users authenticate with their blah.dev account, and your app receives verified identity information through standard OAuth 2.0 flows.

The provider implements the Authorization Code Flow with PKCE support, token introspection, token revocation, and OpenID Connect discovery — all the pieces you need for secure, standards-compliant authentication.

Features

Authorization Code Flow

Standard OAuth 2.0 flow with PKCE for public and confidential clients

Token Management

Access tokens, refresh tokens with rotation, and revocation

OpenID Connect

Discovery endpoint, UserInfo claims, and standard scopes

Client Management

Dashboard and API for registering and managing OAuth applications

Token Introspection

RFC 7662 compliant token validation for resource servers

Security First

Argon2id hashing, SHA-256 token storage, CSRF protection

Standards Compliance

RFC 6749 — OAuth 2.0

RFC 6750 — Bearer Tokens

RFC 7636 — PKCE

RFC 7662 — Token Introspection

RFC 7009 — Token Revocation

RFC 8414 — Server Metadata

OpenID Connect Core 1.0

Next Steps